What is Microsoft System Sweeper?

Yesterday, a friend told me about Microsoft System Sweeper, and recommended that I download it. I currently have McAfee anti-virus and spyware protection. What exactly does the new System Sweeper tool offer, and do I really need it?

Do I Need Microsoft System Sweeper?

Some malware can render Windows-based anti-malware programs impotent, or even prevent the operating system from loading at startup. Microsoft has released a beta (test) version of a recovery program that can boot from a CD or USB flash drive, allowing you to clean an infected machine without loading Windows or depending on your anti-virus software. It can also find and eliminate hidden rootkits.

The program, called Microsoft Standalone System Sweeper, is not intended as a replacement for real-time anti-malware protection such as McAfee, Avira or Microsoft Security Essentials. Rather, it is a last-resort recovery tool for occasions when Windows or traditional anti-malware protection cannot be started or cannot find the source of an infection. You must prepare a System Sweeper boot device before you actually need it.

If you want to give it a try, you can download Microsoft Standalone System Sweeper Beta here (http://connect.microsoft.com/systemsweeper). It comes in versions for 32-bit and 64-bit Windows; be sure to download the version that matches your Windows operating system. To find out which you have, click Start -> Control Panel -> System. The System panel will tell you whether you have 32-bit or 64-bit Windows. If it doesn't say either, you have a 32-bit system.

Make sure you have a blank CD, DVD, or USB drive with at least 250 MB of space handy. Then run the System Sweeper installation package to create a bootable device for emergency use. You may need to tweak your computer's BIOS to allow booting from the System Sweeper device before trying to boot from the hard drive. To do so, watch during the startup phase, and press the indicated button (usually F1, DEL or ESC) to enter the BIOS Setup screen. Look for the "Boot Sequence" or "Boot Device" settings, and make sure you can boot from the external media where you've loaded System Sweeper.
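A preflight check for the two preparation steps above, as an added example that is not part of the original article or of Microsoft's tool. It assumes PowerShell 3.0 or later; the function name Get-SweeperPreflight is hypothetical, and the script only covers USB drives, not blank CDs or DVDs.

```powershell
# Added example. Run this on the machine you intend to rescue: the edition
# must match the Windows installed there, not the PC you download on.
$RequiredBytes = 250MB   # minimum media size stated in the article

function Get-SweeperPreflight {
    $os = Get-CimInstance -ClassName Win32_OperatingSystem

    # OSArchitecture reads "32-bit" or "64-bit" (wording varies by language,
    # so match on the number only).
    $edition = if ($os.OSArchitecture -match '64') { '64-bit' } else { '32-bit' }

    # DriveType 2 = removable disk, which is how USB flash drives appear.
    $usb = Get-CimInstance -ClassName Win32_LogicalDisk -Filter 'DriveType = 2' |
        Where-Object { $_.Size -ge $RequiredBytes } |
        ForEach-Object {
            [pscustomobject]@{
                Drive  = $_.DeviceID
                Label  = $_.VolumeName
                SizeMB = [math]::Round($_.Size / 1MB)
                FreeMB = [math]::Round($_.FreeSpace / 1MB)
            }
        }

    [pscustomobject]@{
        WindowsVersion    = $os.Caption
        EditionToDownload = $edition
        UsbCandidates     = @($usb)
    }
}

$result = Get-SweeperPreflight
"Windows installed : $($result.WindowsVersion)"
"Download edition  : $($result.EditionToDownload)"
if ($result.UsbCandidates.Count -eq 0) {
    "No removable drive of at least 250 MB found; insert one or use a blank CD/DVD."
} else {
    $result.UsbCandidates | Format-Table -AutoSize
}
```

Check the drive letter and label carefully before handing a USB drive to the installer, and copy anything you want to keep off it first.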

What Does System Sweeper Do?

When System Sweeper starts, its components are all loaded into RAM from the boot media. Your hard drive is not accessed during startup, so any malware (virus, spyware, etc.) you might have never launches. System Sweeper will then scan your infected hard drive to find and remove known malware programs, even if they are hidden in the hard drive's Master Boot Record or other hard-to-access places.

System Sweeper relies on a database of known malware signatures. These signatures are constantly changing, so you must update the signatures database for the best results. Click System Sweeper's "check for updates" button even if you run System Sweeper a short time after downloading it.

System Sweeper uses the same antimalware engine as Microsoft Security Essentials. The main difference between the two products is that System Sweeper can be run even when Security Essentials is blocked by malware.

Other popular anti-malware programs can also make "rescue CDs" similar to System Sweeper. Microsoft is a bit late coming to that party, but System Sweeper is a good free tool to have handy.

Have you tried System Sweeper or a similar tool to fix an infected computer? Post your comment or question below…

Most recent comments on "What is Microsoft System Sweeper?"

Posted by:
Glen
07 Jun 2011

Does System Sweeper need to be downloaded on the same machine and/or Windows version that you plan to use it on, or can I download it on my XP machine (assuming I download the W7 64-bit version) and use it to rescue my W7 64 laptop if it has problems? If so, then I could download the newest version when I need it!

EDITOR'S NOTE: Doesn't matter when or where you download the program. Just have the correct version for the machine where it will be used.

Posted by:
Tom S.
07 Jun 2011

Why take a chance? I d/l both the 32-bit & 64-bit executable file and created two disks, just in case. No problems at the moment, but better to be safe than sorry!

Posted by:
al hook
07 Jun 2011

I used the Microsoft safetysweeper; it worked great. I have told all my Facebook buddies about this.

Posted by:
Carl David Todd
07 Jun 2011

I downloaded and tried the 32-bit version on my Dell Vostro 200 with XP Professional. It ran 3.5 hours. Suddenly found that Skype, ATI drivers, and many others no longer worked. Fortunately I had saved a Ghost 14 image and recovered. Not sure I want to try again.

Posted by:
Eric
07 Jun 2011

I have had occasion to use a rescue disk only once on a box that had been run with no A/V at all for nearly a year. The Avira disc found all but one problem and cleaned them all, BUT the machine would then not boot. Another disc with Puppy Linux allowed access to the recovery partition to repair the boot sector.

Posted by:
Jeff I.
07 Jun 2011

So, does this do the same thing/job as Anti-Malware Bytes?
Also, isn't there another freebie out there that works really well on rootkits? Can't remember the name at the moment ...

Posted by:
Matthew
08 Jun 2011

Hi Bob~ I hear that it's not often people like you, and the things you freely do for people, are told thanks. It's such a simple thing to do, but it means a lot. I don't know why more people don't do it, especially when they are offered free information on something so important as the Microsoft Safety-Sweeper and all the other stuff you offer. That's all I have to say. Thanks!

Posted by:
Mary
08 Jun 2011

Point of confusion. Once the CD, DVD or USB drive is created I'm guessing it will contain the latest database of known malware signatures. But if malware prevents Windows from accessing the internet, how will the database get updated if you don't need to use System Sweeper for weeks or even months after it was initially created? Wouldn't running a malware scan from a live Linux distro like Ubuntu be more effective?

EDITOR'S NOTE: It would be counter-productive for malware to block all Internet access, because that's how they do their dirty work. Some may block access to certain sites, but not all network access. And as I said, if you boot from the USB, the malware won't get activated.

Posted by:
Bruce Foat
08 Jun 2011

I would be hesitant to use this tool after hearing of Mr. Todd's experience. How many non-geeks are going to screw up their PCs and not have a backup? Is there an "UNdo" function?

Posted by:
Angus Wood-Salomon
08 Jun 2011

I tried running this on my PC.... EMachine AMD Athlon XP 2300 and received an error message 0x8004cc05.

Posted by:
Bruce Foat
09 Jun 2011

I just tried setting this beta app up and using it. It is not yet ready. I'll wait for the final release. Nothing seems to work properly.

Posted by:
Jim McMillen
10 Jun 2011

It takes following the instructions VERY carefully to get it to load from a thumb drive, but it got rid of the two rootkits and four Trojan horses I've been battling. AVG, Spybot S&D, and MalwareBytes all show I'm currently malware-free for the first time in more than two months. I was all ready to reinstall XP Pro until I saw your article. Thanks.

Posted by:
Roger Lancina
12 Jun 2011

Sounds good. I have been using UBCD for over a year and it has been very good. I hope that Microsoft will handle Windows 7 both 32 and 64 bit, as the UBCD does not. Best root kit I have used is ComboFix from Bleeping Computer.

Posted by:
Bob Pegram
27 Sep 2011

With Microsoft System Sweeper still being beta, I will avoid it. A rescue disk with an anti-malware program that is written incorrectly can cause a lot of damage to the system. There are a lot of good rescue disks: for spyware, etc.: Hiren's Boot CD or Ultimate Boot CD 4 Windows; for viruses: Avira, G Data, F-Secure, Kaspersky, AVG, etc. I think there are over 10 different ones.
